/// <summary>
/// Creates every group in <c>GroupsToAdd</c> and then assigns it the ids of all roles
/// found in <c>RolesToAdd</c>.
/// </summary>
/// <exception cref="Exception">
/// Thrown with the comma-joined error list when creating a group or setting its roles
/// does not succeed.
/// </exception>
private void SetGroups()
{
    // The managers are built directly on _context instead of being resolved from a container.
    var roles = new ApplicationRoleManager(new RoleStore<Role, int, UserRole>(_context));
    var users = new ApplicationUserManager(
        new UserStore<User, Role, int, UserLogin, UserRole, UserClaim>(_context));
    var groups = new ApplicationGroupManager(new ApplicationGroupStore(_context), roles, users);

    foreach (var group in GroupsToAdd)
    {
        var created = groups.CreateGroup(group);
        if (!created.Succeeded)
        {
            throw new Exception(string.Join(",", created.Errors.ToArray()));
        }

        // NOTE(review): each group receives every role in RolesToAdd, so all groups end up
        // with the same (full) role set - confirm that this is intended and not a
        // least-privilege gap.
        var roleIds = RolesToAdd.Select(x => x.Id).ToArray();
        var assigned = groups.SetGroupRoles(group.Id, roleIds);
        if (!assigned.Succeeded)
        {
            throw new Exception(string.Join(",", assigned.Errors.ToArray()));
        }
    }
}
/// <summary>
/// Resolves the database context, user manager and role manager from the OWIN context of
/// the current HTTP request and builds the group store on that database context.
/// </summary>
public ApplicationGroupManager()
{
    // NOTE(review): HttpContext.Current is dereferenced without a null check, so this
    // constructor presumably only works while a request is being processed - confirm.
    var owin = HttpContext.Current.GetOwinContext();

    _db = owin.Get<ApplicationDbContext>();
    _userManager = owin.GetUserManager<ApplicationUserManager>();
    _roleManager = owin.Get<ApplicationRoleManager>();
    _groupStore = new ApplicationGroupStore(_db);
}
/// <summary>
/// Builds the group store, role manager and user manager on the supplied database context,
/// so that all three share the same <paramref name="db"/> instance.
/// </summary>
/// <param name="db">Database context handed to the store and both managers.</param>
public ApplicationGroupManager(ApplicationDbContext db)
{
    // NOTE(review): db is stored and passed on without a null check.
    _db = db;

    _groupStore = new ApplicationGroupStore(db);
    _roleManager = new ApplicationRoleManager(db);
    _userManager = new ApplicationUserManager(db);
}
/// <summary>
/// Takes the database context, user manager and role manager from the current request's
/// OWIN context and creates the group store over that database context.
/// </summary>
public ApplicationGroupManager()
{
    // NOTE(review): there is no guard for HttpContext.Current being null; presumably this
    // is only instantiated on a request thread - confirm.
    var requestOwinContext = HttpContext.Current.GetOwinContext();

    _db = requestOwinContext.Get<ApplicationDbContext>();
    _userManager = requestOwinContext.GetUserManager<ApplicationUserManager>();
    _roleManager = requestOwinContext.Get<ApplicationRoleManager>();

    // The store is created last because it needs the context resolved above.
    _groupStore = new ApplicationGroupStore(_db);
}
/// <summary>
/// Generates <paramref name="quantity"/> test users ("user1", "user2", ...), creates them
/// through the user manager, puts each one in every group of <c>GroupsToAdd</c> and attaches
/// the countries of <c>CountryAdd</c> that the user does not have yet.
/// </summary>
/// <param name="quantity">Number of test users to generate; values below 1 create none.</param>
/// <exception cref="Exception">
/// Thrown with the comma-joined error list when the user manager fails to create a user.
/// </exception>
private void CreateTestUser(int quantity)
{
    // Test data: every 8th user is inactive and every 5th user authenticates against
    // Active Directory instead of the database.
    var testUsers = new List<User>();
    var index = 1;
    while (index <= quantity)
    {
        var candidate = new User();
        candidate.Name = $"User {index}";
        candidate.UserName = $"user{index}";
        candidate.Email = $"user{index}@itlab.com.br";
        candidate.Active = index % 8 != 0;
        candidate.CreationUser = _context.GetCurrentUser();
        candidate.AuthenticationType = index % 5 == 0
            ? AuthenticationType.ActiveDirectory
            : AuthenticationType.DataBase;

        testUsers.Add(candidate);
        index++;
    }

    var users = new ApplicationUserManager(
        new UserStore<User, Role, int, UserLogin, UserRole, UserClaim>(_context))
    {
        UserLockoutEnabledByDefault = true
    };
    var roles = new ApplicationRoleManager(new RoleStore<Role, int, UserRole>(_context));
    var groups = new ApplicationGroupManager(new ApplicationGroupStore(_context), roles, users);

    foreach (var testUser in testUsers)
    {
        // An existence check by e-mail was disabled here, so re-running against a database
        // that already holds these users relies on Create reporting the failure.
        // TODO: CreateAsync should be used, but it could not be made to work inside the
        // foreach; the reason still has to be investigated.

        // NOTE(review): every generated account gets the same hard-coded password. That is
        // only acceptable on a throwaway database; make sure this method cannot run against
        // a shared or production environment, or take the password from configuration.
        var created = users.Create(testUser, "123456");
        if (!created.Succeeded)
        {
            throw new Exception(string.Join(",", created.Errors.ToArray()));
        }

        var groupIds = GroupsToAdd.Select(x => x.Id).ToArray();
        groups.SetUserGroups(testUser.Id, groupIds);

        foreach (var country in CountryAdd)
        {
            var alreadyLinked = testUser.Countries.Any(d => d.Id == country.Id);
            if (!alreadyLinked)
            {
                testUser.Countries.Add(country);
            }
        }
    }
}
/// <summary>
/// Creates each user of <c>UsersToAdd</c> that is not yet registered under the same e-mail,
/// puts it in every group of <c>GroupsToAdd</c> and attaches the countries of
/// <c>CountryAdd</c> that the user does not have yet.
/// </summary>
/// <exception cref="Exception">
/// Thrown with the comma-joined error list when the user manager fails to create a user.
/// </exception>
private void SetUser()
{
    var users = new ApplicationUserManager(
        new UserStore<User, Role, int, UserLogin, UserRole, UserClaim>(_context))
    {
        UserLockoutEnabledByDefault = true
    };
    var roles = new ApplicationRoleManager(new RoleStore<Role, int, UserRole>(_context));
    var groups = new ApplicationGroupManager(new ApplicationGroupStore(_context), roles, users);

    foreach (var pending in UsersToAdd)
    {
        // Users that already exist are left untouched, including their groups and countries.
        var existing = users.FindByEmail(pending.Email);
        if (existing != null)
        {
            continue;
        }

        // NOTE(review): every account in UsersToAdd is created with the same hard-coded
        // password. If any of these accounts exists outside a throwaway database, the
        // initial password should come from configuration or a secret store, and the
        // account should be forced to change it at first sign-in.
        var created = users.Create(pending, "123456");
        if (!created.Succeeded)
        {
            throw new Exception(string.Join(",", created.Errors.ToArray()));
        }

        var groupIds = GroupsToAdd.Select(x => x.Id).ToArray();
        groups.SetUserGroups(pending.Id, groupIds);

        foreach (var country in CountryAdd)
        {
            var alreadyLinked = pending.Countries.Any(d => d.Id == country.Id);
            if (!alreadyLinked)
            {
                pending.Countries.Add(country);
            }
        }
    }
}
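/// <summary>
/// Adds application-specific claims to a user's identity: combines Active Directory data
/// (account name, surname, authorization groups) with the groups, claims and row filters
/// stored for the user in the application database.
/// </summary>
/// <param name="userName">
/// Identity used for the directory lookup; it is also emitted unchanged as the Email and
/// Name claims.
/// </param>
/// <returns>
/// A principal wrapping one <see cref="ClaimsIdentity"/> whose authentication type is
/// "Negotiate".
/// </returns>
/// <remarks>
/// NOTE(review): the identity is built with a non-empty authentication type, so it reports
/// IsAuthenticated == true even when the directory lookup finds no user. This method
/// therefore assumes the caller has already authenticated <paramref name="userName"/> -
/// confirm at the call site.
/// </remarks>
private static ClaimsPrincipal AddCustomClaimsToPrincipal(String userName)
{
    // PrincipalContext and UserPrincipal are IDisposable and were previously never released;
    // they are now disposed when the method exits. Only strings are copied into the claims,
    // so the returned principal does not depend on them.
    using (var princiContxt = new PrincipalContext(ContextType.Domain))
    // FindByIdentity yields null for an unknown user; a using statement accepts a null resource.
    using (var thePrincipal = UserPrincipal.FindByIdentity(princiContxt, userName))
    {
        var customClaims = new List<System.Security.Claims.Claim>
        {
            new System.Security.Claims.Claim(ClaimTypes.Email, userName),
            new System.Security.Claims.Claim(ClaimTypes.Name, userName)
        };

        // NOTE(review): a hard-coded user name is granted the "SuperAdmin" group here,
        // independent of the directory and the database. Privileged membership defined in
        // source cannot be revoked or audited through the normal group administration;
        // prefer assigning it through the application's group data. The Find check cannot
        // match at this point, because the list only holds the Email and Name claims.
        if (userName == "*****@*****.**")
        {
            var findItem = customClaims.Find(c => c.Value == "SuperAdmin");
            if (findItem == null)
            {
                customClaims.Add(new System.Security.Claims.Claim("Group", "SuperAdmin"));
            }
        }

        if (thePrincipal != null)
        {
            // NOTE(review): the WindowsAccountName claim is only added when Surname is set;
            // that coupling looks unintended - confirm.
            if (thePrincipal.Surname != null)
            {
                customClaims.Add(new System.Security.Claims.Claim(ClaimTypes.WindowsAccountName, thePrincipal.SamAccountName));
                customClaims.Add(new System.Security.Claims.Claim(ClaimTypes.Surname, thePrincipal.Surname));
            }

            // Get all groups the user is a member of. A plain
            // GetAuthorizationGroups().Select(...) was replaced by this manual enumeration
            // because of an unexplained error on the CRM dev server (see original TODO).
            // The result set is IDisposable as well, so it is disposed with the enumerator.
            using (PrincipalSearchResult<Principal> adGroup = thePrincipal.GetAuthorizationGroups())
            using (var iterGroup = adGroup.GetEnumerator())
            {
                while (iterGroup.MoveNext())
                {
                    try
                    {
                        var p = iterGroup.Current;
                        if (string.IsNullOrEmpty(p.Name))
                        {
                            continue;
                        }
                        customClaims.Add(new System.Security.Claims.Claim("AD_Group", p.Name));
                    }
                    catch
                    {
                        // Deliberate best effort: a group that cannot be read is skipped.
                        // NOTE(review): the failure is not logged, so a missing AD_Group
                        // claim cannot be traced afterwards - consider logging it.
                        continue;
                    }
                }
            }

            // Here you can add any claim type-value pairs, maybe some user settings read from DB.
            // NOTE(review): db is never disposed; if ApplicationDbContext is disposable it
            // should be wrapped in a using statement - its declaration is not visible here.
            var db = new ApplicationDbContext();
            var userManager = new ApplicationUserStore(db);
            var principalName = thePrincipal.UserPrincipalName;
            var user = userManager.Users.FirstOrDefault(u => u.Email == principalName);
            if (user != null)
            {
                customClaims.Add(new System.Security.Claims.Claim("UserId", user.Id.ToString()));

                var claims = user.ApplicationClaims;
                var groups = user.ApplicationGroups;
                // "U" selects the row filters attached directly to the user.
                var rowFilters = user.ApplicationPrincipalRowFilters.Where(x => x.PrincipalType == "U");

                var groupManager = new ApplicationGroupStore(db);
                var claimManager = new ApplicationClaimStore(db);
                var rowFilterManager = new RowFilterStore(db);

                // NOTE(review): the FindById results are dereferenced without a null check;
                // a dangling reference would abort the whole claim build.
                customClaims.AddRange(groups.Select(group => groupManager.FindById(group.ApplicationGroupId)).Select(g => new System.Security.Claims.Claim("Group", g.Name)));
                customClaims.AddRange(claims.Select(claim => claimManager.FindById(claim.ApplicationClaimId)).Select(c => new System.Security.Claims.Claim(c.Key, c.Value)));
                customClaims.AddRange(rowFilters.Select(r => rowFilterManager.FindById(r.Id)).Select(c => new System.Security.Claims.Claim(c.ApplicationRowFilterType.Name, c.RowFilterValue.ToString())));

                var appgroupManager = new ApplicationGroupManager();
                var groupList = groups.Select(group => groupManager.FindById(group.ApplicationGroupId));
                foreach (var item in groupList)
                {
                    // "G" selects the row filters attached to the group.
                    var groupRowFilters = item.ApplicationPrincipalRowFilters.Where(x => x.PrincipalType == "G");
                    customClaims.AddRange(groupRowFilters.Select(r => rowFilterManager.FindById(r.Id)).Select(c => new System.Security.Claims.Claim(c.ApplicationRowFilterType.Name, c.RowFilterValue.ToString())));

                    foreach (var appclaim in appgroupManager.GetGroupClaims(item.Id))
                    {
                        // Group claims are only added when the same type/value pair is not present yet.
                        var claim = new System.Security.Claims.Claim(appclaim.Key, appclaim.Value);
                        var findItem = customClaims.Find(c => c.Value == claim.Value && c.Type == claim.Type);
                        if (findItem == null)
                        {
                            customClaims.Add(claim);
                        }
                    }
                }
            }
        }

        //https://msdn.microsoft.com/en-us/library/system.security.claims.authenticationtypes(v=vs.110).aspx
        var theCustomClaimsIdentity = new ClaimsIdentity(customClaims, authenticationType: "Negotiate"); //Negotiate | Signing | Sealing
        return new ClaimsPrincipal(theCustomClaimsIdentity);
    }
}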
/// <summary>
/// Creates the group store from the literal "InventoryConnection" and resolves the user
/// and role managers from the OWIN context of the current HTTP request.
/// </summary>
public ApplicationGroupManager()
{
    // The store is built first, before the request context is touched.
    // NOTE(review): "InventoryConnection" is presumably a connection-string name - confirm.
    _groupStore = new ApplicationGroupStore("InventoryConnection");

    // NOTE(review): HttpContext.Current is dereferenced without a null check, so this
    // constructor presumably only works while a request is being processed - confirm.
    var owin = HttpContext.Current.GetOwinContext();
    _userManager = owin.GetUserManager<ApplicationUserManager>();
    _roleManager = owin.Get<ApplicationRoleManager>();
}